Attribute-Based Remote Data Auditing and User Authentication for Cloud Storage Systems

Ali, Mohammad

doi:10.22042/isecure.2022.0.0.0

Attribute-Based Remote Data Auditing and User Authentication for Cloud Storage Systems

Document Type : Research Article

Author

Mohammad Ali

Department of Mathematics and Computer Science, Amirkabir University of Technology, Tehran, Iran

https://doi.org/10.22042/isecure.2022.0.0.0

Abstract

Remote data auditing (RDA) protocols enable a cloud server to persuade an auditor that it is storing a data file honestly. Unlike digital signature(DS) schemes, in RDA protocols, the auditor can carry out the auditing procedure without having the entire data file. Therefore, RDA protocols seem to be attractive alternatives to DSs as they can effectively reduce bandwidth consumption. However, existing RDA protocols do not provide adequately powerful tools for user authentication. In this paper, we put forward a novel attribute-based remote data auditing and user authentication scheme. In our proposed scheme, without having a data file outsourced to a cloud server, an auditor can check its integrity and the issuer’s authenticity. Indeed, through a challenge-response protocol, the auditor can check whether 1) the cloud server has changed the content of the data file or not; 2) the data owner possesses specific attributes or not. We show that our scheme is secure under the hardness assumption of the bilinear Diffie-Hellman (BDH) problem.

Keywords

Cloud Computing

Data Integrity

Attribute-Based Authentication

Data Auditing

Attribute-Based Cryptography

20.1001.1.20082045.2022.14.3.5.9

[1] M. Ali, J. Mohajeri, M.-R. Sadeghi, and X. Liu, “A fully distributed hierarchical attribute-based encryption scheme,” Theor. Comput. Sci., vol.815, pp. 25–46, 2020.
[2] V. Chang, M. Ramachandran, Y. Yao, Y.-H. Kuo, and C.-S. Li, “A resiliency framework for an enterprise cloud,” Int. J. Inf. Manage., vol. 36, no.1, pp. 155–166, 2016.
[3] J. Katz and Y. Lindell, Introduction to modern cryptography, 3rd ed. Boca Raton, FL: CRC Press, 2020.
[4] M. Ali and X. Liu, “Lightweight verifiable data management system for cloud-assisted wireless body area networks,” Peer Peer Netw. Appl., vol.15, no. 4, pp. 1792–1816, 2022.
[5] S. Boonkrong, Authentication and access control: Practical cryptography methods and tools, 1st ed. Berlin, Germany: APress, 2020.
[6] A. Shamir, “Identity-based cryptosystems and signature schemes,” in Advances in Cryptology, Berlin, Heidelberg: Springer Berlin Heidelberg, 2007, pp. 47–53.
[7] M. Ali, J. Mohajeri, M.-R. Sadeghi, and X. Liu, “Attribute-based fine-grained access control for outscored private set intersection computation,” Inf. Sci. (Ny), vol. 536, pp. 222–243, 2020.
[8] M. Ali and M.-R. Sadeghi, “Provable secure lightweight attribute-based keyword search for cloud-based Internet of Things networks: Provable secure lightweight attribute-based keyword search for cloud-based Internet of Things networks,” Trans. emerg. telecommun. technol., vol.32, no. 5, p. e3905, 2021.
[9] M. Ali, M.-R. Sadeghi, and X. Liu, “Lightweight fine-grained access control for wireless body area networks,” Sensors (Basel), vol. 20, no. 4, p. 1088, 2020.
[10] M. Ali, M.-R. Sadeghi, and X. Liu, “Lightweight revocable hierarchical attribute-based encryption for internet of things,” IEEE Access, vol. 8, pp.23951–23964, 2020.
[11] Y. Deswarte, J.-J. Quisquater, and A. Sa¨ıdane, “Remote integrity checking,” in Integrity and Internal Control in Information Systems VI, Boston: Kluwer Academic Publishers, 2005, pp. 1–11.
[12] A. Juels and B. S. Kaliski, “Pors.” Proceedings of the 14th ACM conference on Computer and communications security - CCS , 2007, doi: 10.1145/1315245.1315317.
[13] G. Ateniese, “Provable data possession at untrusted stores.” Proceedings of the 14th ACM conference on Computer and communications security - CCS , 2007, doi: 10.1145/1315245.1315318.
[14] H. Wang, “Identity-Based Distributed Provable Data Possession in Multicloud Storage.” IEEE Transactions on Services Computing, vol. 8, no.2, pp. 328-340, 2015, doi: 10.1109/tsc.2014.1.
[15] Y. Yu, M. H. Au, G. Ateniese, X. Huang, W.Susilo, Y. Dai, G. Min, Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage, IEEE Transactions on Information Forensics and Security 12 (4) (2016)
767–778.
[16] H. Wang, D. He, and S. Tang, “Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud.” IEEE Transactions on Information Forensics and Security, vol. 11, no. 6, pp. 1165-1176, 2016, doi: 10.1109/tifs.2016.2520886.
[17] H. K. Maji, M. Prabhakaran, M. Rosulek, Attribute-based signatures: Achieving attributeprivacy and collusion-resistance., IACR Cryptology ePrint Archive 2008 (2008) 328.
[18] J. Li, M. H. Au, W. Susilo, D. Xie, K. Ren, Attribute-based signature and its applications, in: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ACM, 2010, pp. 60–69.
[19] J. Herranz, F. Laguillaumie, B. Libert, C. R`afols, Short attributebased signatures for threshold predicates, in: Cryptographers’ Track at the RSA Conference, Vol. 7178, Springer, 2012, pp. 51–67.
[20] X. Chen, J. Li, X. Huang, J. Li, Y. Xiang, D.S. Wong, Secure outsourced attribute-based signatures, IEEE Transactions on Parallel and Distributed Systems 25 (12) (2014) 3285–3294.
[21] J. Sun, Y. Su, J. Qin, J. Hu, J. Ma, Outsourced decentralized multiauthority attribute based signature and its application in IoT, IEEE Transactions on Cloud Computing 9 (3) (2019) 1195–1209.
[22] Y. Yu, Y. Li, B. Yang, W. Susilo, G. Yang, J.Bai, Attribute-based cloud data integrity auditing for secure outsourced storage, IEEE Transactions on Emerging Topics in Computing 8 (2) (2017) 377– 390.